On 5 October 2023, the Data Protection Association hosted its traditional conference in Prague on current issues of personal data protection and processing.
This year’s conference, already the seventh, was organised in cooperation with the Office for Personal Data Protection, the Union of Corporate Lawyers of the Czech Republic and the Czech Institute of Information Security Managers. The main partner was Microsoft. The partners of the conference were law firms Kinstellar, KMVS, Pierstone and Rowan Legal. The conference was attended by 180 guests and speakers from the Czech Republic and other European countries. The EFDPO participated in the conference with two members of its Board of Directors: Mrs Judith Leschanz from Autria, talked about data breaches, Mr Spiros Tassis from Greece talked about AI and data protection. Vladan Rámiš, Chairman of the Association, commented on this year’s conference: “I am very pleased that the Association’s conference has gradually developed into the largest event of its kind in the Czech Republic. This international dimension allows for a better exchange of experience across the EU and contributes to a common understanding of the interpretation of the GDPR and other regulations governing the processing of personal data.“
The conference was opened by the Vice-Chairman of the Office for Personal Data Protection (ÚOOÚ), Mgr. Petr Jäger, PhD., who emphasised that “mutual cooperation is a necessary basis for effective and meaningful protection of personal data. In the area of personal data protection, we are increasingly moving rapidly into the cyber virtual space. Therefore, in practice, it is often very complicated to comply not only with the text of the General Data Protection Regulation, but also with other related regulations and rules. This is not only in their application, but also in supervisory and control activities. The conference, which is regularly organised by the Data Protection Association, can be considered a unique opportunity for a practical and multidisciplinary exchange of experience, which contributes to a better understanding and comprehension of the current challenges for the protection of personal data, thanks to its increasingly high quality content. I consider the international dimension of the conference to be a necessary basis for our common ability to confront the various and increasingly sophisticated efforts to abuse personal data.”
Morning plenary discussion
In the morning session, Mgr. Petr Jäger, Ph.D., Vice-Chairman of the DPA, presented the forthcoming rules for the unification of supervision and enforcement of the GDPR at the level of the European Union. This was followed by, among others, a presentation by Ms Alenka Antloga from the Slovenian supervisory authority, who addressed the issue of the role of the Data Protection Officer in ensuring the compliance of an organisation’s activities with the requirements of the GDPR. Current issues arising from the practice of data processing and data protection were presented by Jana Pattynová, Martin Cach and Michal Nulíček from the Czech Association. In addition to Ms. Antloga, foreign experiences were presented by Judith Leschanz from Austria, Spiros Tassis from Greece and Lucia Semančínová from Slovakia.
Workshops in the afternoon
The afternoon part of the conference was divided into 4 parallel workshops.
The topic of the first one, whose partners were the law firms Pierstone and Rowan Legal and together with them also the Czech Institute of Information Security Managers, was cyber security. The speakers mainly analysed the impact of the new legislation (NIS2 and DORA) on the processing of personal data, overlaps, points of contact or, on the contrary, possible conflicting provisions that need to be addressed in practice.
The second seminar, whose partner was the law firm Kinstellar, dealt with the very topical issues of artificial intelligence, or the use of tools and applications with artificial intelligence and the implications for the fulfillment of obligations under the GDPR.
The topic of the third afternoon seminar, partnered by KMVS, was the secondary use of health data under the proposed new European Health Data Space Regulation.
Finally, the fourth seminar discussed the current issues of the use of CCTV systems, including the forthcoming methodology of the Czech DPA and the practical challenges in the use of CCTV in the public and private sectors.
The next conference will take place on 3 October 2024 again in Prague.